Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/71373FBA19AE11EE832D0F5F4AD9E6FC.roa
File: 71373FBA19AE11EE832D0F5F4AD9E6FC.roa (raw, json)
Hash identifier: Rj8Zt7JYm7KVlK1BYtaTgKHvYAwLqTpK9cbnyC/C0/U=
Subject key identifier: EB:77:A4:CF:2F:94:24:49:BB:BF:05:1A:79:D9:E4:59:B3:DA:6F:99
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0412
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/71373FBA19AE11EE832D0F5F4AD9E6FC.roa
Signing time: Mon 03 Jul 2023 14:32:31 +0000
ROA not before: Mon 03 Jul 2023 14:32:28 +0000
ROA not after: Wed 03 Jul 2024 14:32:28 +0000
asID: 328227
IP address blocks: 156.0.127.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1042 (0x412)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jul 3 14:32:28 2023 GMT
Not After : Jul 3 14:32:28 2024 GMT
Subject: CN=64a2dbff-f24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e7:8f:23:81:04:57:34:a5:e5:e0:51:94:14:
4d:10:a7:f1:ca:f0:12:f4:81:13:99:32:d0:c6:68:
37:a5:ce:da:70:13:a7:2f:38:99:84:3b:ae:9b:cb:
1a:ea:04:26:3b:61:fa:18:5c:50:b7:b0:d7:5e:f0:
00:cb:c7:43:0c:36:d6:24:9a:fc:29:af:f9:39:07:
98:83:ae:3c:85:bc:b1:84:7b:2b:aa:a8:1a:e0:8e:
1c:b0:49:77:8e:47:a3:7f:13:40:7c:df:92:30:1d:
8f:47:07:3f:58:30:bd:09:89:0a:7a:57:77:c5:0d:
39:03:12:46:43:e9:a8:9d:a5:9b:45:57:1a:a3:94:
cf:84:0c:36:67:26:36:df:e6:17:ef:3c:96:ff:cf:
09:e8:14:4b:3b:c6:41:35:90:ef:bd:fe:25:10:c1:
3c:e8:7d:38:8f:af:3c:4d:18:99:f6:e1:78:95:22:
3e:d4:0d:9c:7b:64:45:1a:c1:76:6c:7b:ea:71:6b:
4a:71:d9:64:f4:77:80:6f:5c:02:8e:c0:15:80:b8:
ac:b7:b7:ce:5e:e0:be:19:dc:4f:17:2b:2b:6e:c2:
4b:dc:9e:e9:23:3b:fe:02:e7:86:3f:43:d0:fc:c2:
fa:09:30:d4:2a:fa:c7:75:8d:60:ee:52:38:d5:b7:
51:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:77:A4:CF:2F:94:24:49:BB:BF:05:1A:79:D9:E4:59:B3:DA:6F:99
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/71373FBA19AE11EE832D0F5F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.127.0/24
Signature Algorithm: sha256WithRSAEncryption
40:23:f4:d0:b0:3b:24:e7:be:fb:c5:18:5f:6d:ba:77:c2:0e:
cb:d0:1e:e1:a4:87:47:d5:d2:e9:4c:4d:88:20:5f:2e:45:5e:
db:16:69:dc:7c:2c:75:17:b5:f8:0a:12:c8:ca:65:74:2f:03:
0f:8f:fd:76:0a:74:e0:70:43:42:d4:95:88:00:f1:b3:fe:7f:
89:b6:27:72:ed:f7:9a:d0:cd:55:8e:8e:f0:91:66:06:84:ff:
ce:f1:b6:8b:6c:95:c7:bf:26:6f:0c:fb:3a:06:c3:f5:bb:d8:
fa:48:01:7a:2d:d3:da:a4:a9:f1:6d:54:1a:31:db:3f:6a:b6:
f6:c5:ff:61:ea:57:70:69:91:86:68:19:70:d3:c4:e3:3b:9b:
5c:b6:2e:d8:1b:d4:0f:f0:8e:2e:f7:66:02:20:16:f9:3c:8b:
68:b2:6b:b6:88:7a:d1:0d:9e:c1:b6:27:e8:62:65:d5:14:12:
c5:d2:25:f3:d9:50:cd:fd:22:a1:41:c2:18:f7:e5:e6:7f:3f:
3c:87:1e:e4:4b:b4:cf:94:b1:f4:f1:67:c1:35:26:ff:ed:18:
61:b7:66:56:30:46:6a:ed:0a:da:1b:b0:73:74:a2:40:bc:fa:
07:f1:42:e5:cd:8f:52:2d:c5:b5:6e:de:31:16:8f:c0:14:c1:
cc:d1:13:a0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBBIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA3MDMxNDMyMjhaFw0yNDA3MDMxNDMyMjhaMBgxFjAU
BgNVBAMTDTY0YTJkYmZmLWYyNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCw548jgQRXNKXl4FGUFE0Qp/HK8BL0gROZMtDGaDelztpwE6cvOJmEO66b
yxrqBCY7YfoYXFC3sNde8ADLx0MMNtYkmvwpr/k5B5iDrjyFvLGEeyuqqBrgjhyw
SXeOR6N/E0B835IwHY9HBz9YML0JiQp6V3fFDTkDEkZD6aidpZtFVxqjlM+EDDZn
Jjbf5hfvPJb/zwnoFEs7xkE1kO+9/iUQwTzofTiPrzxNGJn24XiVIj7UDZx7ZEUa
wXZse+pxa0px2WT0d4BvXAKOwBWAuKy3t85e4L4Z3E8XKytuwkvcnukjO/4C54Y/
Q9D8wvoJMNQq+sd1jWDuUjjVt1EvAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU63ek
zy+UJEm7vwUaednkWbPab5kwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzcxMzczRkJBMTlBRTExRUU4MzJEMEY1RjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH8wDQYJKoZIhvcNAQELBQAD
ggEBAEAj9NCwOyTnvvvFGF9tunfCDsvQHuGkh0fV0ulMTYggXy5FXtsWadx8LHUX
tfgKEsjKZXQvAw+P/XYKdOBwQ0LUlYgA8bP+f4m2J3Lt95rQzVWOjvCRZgaE/87x
totslce/Jm8M+zoGw/W72PpIAXot09qkqfFtVBox2z9qtvbF/2HqV3BpkYZoGXDT
xOM7m1y2Ltgb1A/wji73ZgIgFvk8i2iya7aIetENnsG2J+hiZdUUEsXSJfPZUM39
IqFBwhj35eZ/PzyHHuRLtM+UsfTxZ8E1Jv/tGGG3ZlYwRmrtCtobsHN0okC8+gfx
QuXNj1ItxbVu3jEWj8AUwczRE6A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org